US government seeks hackers

Page Tools

Attention hackers: Uncle Sam wants you. As scam artists,
organised-crime rings and other miscreants find a home on the
internet, top US federal officials are trolling hacker conferences
to scout for talent and talk up the glories of a career on the
front lines of the information wars.

"If you want to work on cutting-edge problems, if you want to be
part of the truly great issues of our time ... we invite you to
work with us," Assistant Secretary of Defence Linton Wells told
hackers at a recent conference in Las Vegas.

Wells and other "feds" didn't exactly blend in at Defcon, an
annual gathering of computer-security experts and teenage
troublemakers that celebrates the cutting edge of security
research.

The buttoned-down world of Washington seems a continent away at
Defcon, which was named as a spoof on the Pentagon's code for
military readiness derived from "defence condition."

Graffiti covers the bathroom walls, DJs spin electronic music by
the pool until dawn and hackers who "out" undercover government
employees win free T-shirts.

At a "Meet the Feds" panel designed to bridge the cultural
divide, a young man waved a pages-long manifesto and demanded, "I
would like to know why the federal government, especially some of
the law enforcement agencies, are destroying this country."

Despite appearances, hackers and the government have long
enjoyed a symbiotic relationship.

Federal research dollars funded development of the internet and
many other cutting-edge technologies, and many hackers first learn
the ins and outs of computer security through military service
before moving on to private-sector jobs.

College students in computer-security programs can have their
tuition picked up by the government if they agree to work there
when they graduate.

The Pentagon is rumoured to employ hackers to attack foreign
networks. A Pentagon spokesman was not available for comment.

Feds have been a key part of the Defcon audience since its
inception in 1992, though they are required to stay at off-site
hotels to avoid some of the wilder goings-on.

Along with recruiting, the conference gives federal officials a
chance to develop sources and keep up with new research.

"I'm learning while I'm here but I'm also getting the names of
people I can maybe call on later so we have a better understanding
as cases go along," said Don Blumenthal, who oversees the internet
lab for investigators at the Federal Trade Commission.

Tensions between feds and hackers ran high in 2001 when the FBI
arrested Russian programmer Dmitri Skylarov at the conference for
writing a program that could break copy protection on electronic
books.

The relationship between the two sides has turned less
adversarial in recent years, according to long-time attendees, and
government employees now account for nearly half of the audience.
Some Defcon staffers even hold down day jobs with the National
Security Agency and other government shops.

"You can't be deceived by the uniforms," said technology
commentator Richard Thieme. "I talked at the Pentagon, and
one-third of the people in the audience I already knew from
Defcon."

That's not to say that Defcon has gone straight. The ability to
break into computer systems is prized above all, and conference
attendees whose computers fell prey to their colleagues' attacks
are displayed on a "wall of sheep."

Some hackers spent the weekend in their hotel rooms cooking up a
new way to take control of the Cisco routers that underpin much of
the internet.

Many defend this "black hat" approach, arguing that attacks that
cause damage in the short term raise awareness of online threats
and thus improve the security picture as a whole.

The feds made it clear they were not interested in working with
those who break into computer systems without permission.

"We're looking for people who haven't crossed that line yet,"
said Jim Christy, director of the Pentagon's Cyber Crime Institute.
"You've got to get folks with the right morals."

The FTC's Blumenthal said that while he was impressed with the
honesty of the people he had met, he would double-check the
information he receives from them as he does with other
sources.

"I have to feel confident that what I'm getting is a straight
story," he said. "I find out if I have a curve thrown at me."